You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/02/27 18:09:38 UTC
svn commit: r1450849 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak:
security/user/ security/user/query/ spi/security/user/util/
Author: angela
Date: Wed Feb 27 17:09:38 2013
New Revision: 1450849
URL: http://svn.apache.org/r1450849
Log:
OAK-50 : user mgt (wip, annotations, minor improvement)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/ResultRowToAuthorizable.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/UserUtility.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java?rev=1450849&r1=1450848&r2=1450849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/AuthorizableBaseProvider.java Wed Feb 27 17:09:38 2013
@@ -38,14 +38,14 @@ abstract class AuthorizableBaseProvider
final Root root;
final IdentifierManager identifierManager;
- AuthorizableBaseProvider(Root root, ConfigurationParameters config) {
+ AuthorizableBaseProvider(@Nonnull Root root, @Nonnull ConfigurationParameters config) {
this.root = checkNotNull(root);
this.config = checkNotNull(config);
this.identifierManager = new IdentifierManager(root);
}
@CheckForNull
- Tree getByID(String authorizableId, AuthorizableType authorizableType) {
+ Tree getByID(@Nonnull String authorizableId, @Nonnull AuthorizableType authorizableType) {
Tree tree = identifierManager.getTree(getContentID(authorizableId));
if (UserUtility.isType(tree, authorizableType)) {
return tree;
@@ -55,7 +55,7 @@ abstract class AuthorizableBaseProvider
}
@CheckForNull
- Tree getByPath(String authorizableOakPath) {
+ Tree getByPath(@Nonnull String authorizableOakPath) {
Tree tree = root.getTree(authorizableOakPath);
if (UserUtility.isType(tree, AuthorizableType.AUTHORIZABLE)) {
return tree;
@@ -65,12 +65,12 @@ abstract class AuthorizableBaseProvider
}
@Nonnull
- String getContentID(Tree authorizableTree) {
+ String getContentID(@Nonnull Tree authorizableTree) {
return identifierManager.getIdentifier(authorizableTree);
}
@Nonnull
- static String getContentID(String authorizableId) {
+ static String getContentID(@Nonnull String authorizableId) {
return IdentifierManager.generateUUID(authorizableId.toLowerCase());
}
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java?rev=1450849&r1=1450848&r2=1450849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java Wed Feb 27 17:09:38 2013
@@ -26,6 +26,7 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
import javax.jcr.ImportUUIDBehavior;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
@@ -333,12 +334,12 @@ public class UserImporter implements Pro
// ---------------------------------------------< ProtectedNodeImporter >---
@Override
public boolean start(Tree protectedParent) throws RepositoryException {
- if (NT_REP_MEMBERS.equals(TreeUtil.getPrimaryTypeName(protectedParent))) {
+ if (isMemberNode(protectedParent)) {
Tree groupTree = protectedParent;
- while (!groupTree.isRoot() && NT_REP_MEMBERS.equals(TreeUtil.getPrimaryTypeName(groupTree))) {
+ while (isMemberNode(groupTree)) {
groupTree = groupTree.getParent();
}
- Authorizable auth = userManager.getAuthorizable(groupTree);
+ Authorizable auth = (groupTree == null) ? null : userManager.getAuthorizable(groupTree);
if (auth == null) {
log.debug("Cannot handle protected node " + protectedParent + ". It nor one of its parents represent a valid Authorizable.");
return false;
@@ -403,6 +404,14 @@ public class UserImporter implements Pro
definition.getDeclaringNodeType().isNodeType(namePathMapper.getJcrName(oakNodeTypeName));
}
+ private static boolean isMemberNode(@Nullable Tree tree) {
+ if (tree == null) {
+ return false;
+ } else {
+ return NT_REP_MEMBERS.equals(TreeUtil.getPrimaryTypeName(tree));
+ }
+ }
+
/**
* Handling the import behavior
*
@@ -557,7 +566,7 @@ public class UserImporter implements Pro
throw new RepositoryException(userId + " does not represent a valid user.");
}
- Impersonation imp = ((User) a).getImpersonation();
+ Impersonation imp = checkNotNull(((User) a).getImpersonation());
// 1. collect principals to add and to remove.
Map<String, Principal> toRemove = new HashMap<String, Principal>();
@@ -594,15 +603,17 @@ public class UserImporter implements Pro
}
if (!nonExisting.isEmpty()) {
- Tree userTree = root.getTree(a.getPath());
+ Tree userTree = checkNotNull(root.getTree(a.getPath()));
// copy over all existing impersonators to the nonExisting list
- PropertyState impersonators = userTree.getProperty(REP_PRINCIPAL_NAME);
- for (String existing : impersonators.getValue(STRINGS)) {
- nonExisting.add(existing);
+ PropertyState impersonators = userTree.getProperty(REP_IMPERSONATORS);
+ if (impersonators != null) {
+ for (String existing : impersonators.getValue(STRINGS)) {
+ nonExisting.add(existing);
+ }
}
// and write back the complete list including those principal
// names that are unknown to principal provider.
- userTree.setProperty(REP_PRINCIPAL_NAME, nonExisting, Type.STRINGS);
+ userTree.setProperty(REP_IMPERSONATORS, nonExisting, Type.STRINGS);
}
}
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java?rev=1450849&r1=1450848&r2=1450849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java Wed Feb 27 17:09:38 2013
@@ -43,6 +43,8 @@ import org.apache.jackrabbit.oak.util.No
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import static com.google.common.base.Preconditions.checkNotNull;
+
/**
* Creates initial set of users to be present in a given workspace. This
* implementation uses the {@code UserManager} such as defined by the
@@ -101,7 +103,7 @@ public class UserInitializer implements
String errorMsg = "Failed to initialize user content.";
try {
- NodeUtil rootTree = new NodeUtil(root.getTree("/"));
+ NodeUtil rootTree = checkNotNull(new NodeUtil(root.getTree("/")));
NodeUtil index = rootTree.getOrAddChild(IndexConstants.INDEX_DEFINITIONS_NAME, JcrConstants.NT_UNSTRUCTURED);
IndexUtils.createIndexDefinition(index, "authorizableId", true, new String[]{REP_AUTHORIZABLE_ID}, null);
IndexUtils.createIndexDefinition(index, "principalName", true,
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java?rev=1450849&r1=1450848&r2=1450849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserValidator.java Wed Feb 27 17:09:38 2013
@@ -56,7 +56,7 @@ class UserValidator extends DefaultValid
this.parentAfter = parentAfter;
this.provider = provider;
- authorizableType = (parentAfter == null) ? null : UserUtility.getType(parentAfter);
+ authorizableType = UserUtility.getType(parentAfter);
}
//----------------------------------------------------------< Validator >---
@@ -175,7 +175,7 @@ class UserValidator extends DefaultValid
private static boolean isValidUUID(@Nonnull Tree parent, @Nonnull String uuid) {
String id = UserProvider.getAuthorizableId(parent);
- return uuid.equals(UserProvider.getContentID(id));
+ return id != null && uuid.equals(UserProvider.getContentID(id));
}
private static boolean isUser(@Nullable Tree tree) {
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/ResultRowToAuthorizable.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/ResultRowToAuthorizable.java?rev=1450849&r1=1450848&r2=1450849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/ResultRowToAuthorizable.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/query/ResultRowToAuthorizable.java Wed Feb 27 17:09:38 2013
@@ -69,7 +69,7 @@ class ResultRowToAuthorizable implements
tree = tree.getParent();
type = UserUtility.getType(tree);
}
- if (type != null && (targetType == null || targetType == type)) {
+ if (tree != null && (targetType == null || targetType == type)) {
authorizable = userManager.getAuthorizableByPath(tree.getPath());
}
} catch (RepositoryException e) {
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/UserUtility.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/UserUtility.java?rev=1450849&r1=1450848&r2=1450849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/UserUtility.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/util/UserUtility.java Wed Feb 27 17:09:38 2013
@@ -18,6 +18,7 @@ package org.apache.jackrabbit.oak.spi.se
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
+import javax.annotation.Nullable;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
@@ -35,16 +36,16 @@ public final class UserUtility implement
}
@Nonnull
- public static String getAdminId(ConfigurationParameters parameters) {
+ public static String getAdminId(@Nonnull ConfigurationParameters parameters) {
return parameters.getConfigValue(PARAM_ADMIN_ID, DEFAULT_ADMIN_ID);
}
@Nonnull
- public static String getAnonymousId(ConfigurationParameters parameters) {
+ public static String getAnonymousId(@Nonnull ConfigurationParameters parameters) {
return parameters.getConfigValue(PARAM_ANONYMOUS_ID, DEFAULT_ANONYMOUS_ID);
}
- public static boolean isType(Tree authorizableTree, AuthorizableType type) {
+ public static boolean isType(@Nullable Tree authorizableTree, @Nonnull AuthorizableType type) {
// FIXME: check for node type according to the specified type constraint
if (authorizableTree != null) {
String ntName = TreeUtil.getPrimaryTypeName(authorizableTree);
@@ -61,8 +62,8 @@ public final class UserUtility implement
}
@CheckForNull
- public static AuthorizableType getType(@Nonnull Tree authorizableNode) {
- String ntName = TreeUtil.getPrimaryTypeName(authorizableNode);
+ public static AuthorizableType getType(@Nullable Tree authorizableNode) {
+ String ntName = (authorizableNode == null) ? null : TreeUtil.getPrimaryTypeName(authorizableNode);
if (ntName != null) {
if (UserConstants.NT_REP_GROUP.equals(ntName)) {
return AuthorizableType.GROUP;